Coles, GM 2018, 'Privacy, confidentiality, trust and security in e-health informatics systems', PhD thesis, Southern Cross University, Lismore, NSW.
Copyright GM Coles 2018
This thesis examines patient attitudes related to the use of Attribute-Based Credentials (ABCs) for online authentication, authorisation and access control to the Australian Personally Controlled Electronic Health Records (PCEHR) system. ABCs, also termed as Privacy-ABCs are a sophisticated form of digital certificate like those used in conventional Public Key Infrastructure (PKI) schemes, except that ABCs are designed from a conceptual orientation to provide a high level of security without compromising user privacy. The conceptual model employed as the foundation for the study was adapted from models developed from prior research related to technology acceptance, e- commerce and trust in electronic transactions conducted over the Internet.
What differentiates this study from previous research is that it focuses on patients’ use of ABCs for authentication and authorisation in the Australian PCEHR system. Prior research trials into the implementation of ABCs have been funded by the European Commission (EC) as part of their Trust and Security Program from 2010 - 2015. These trials focussed upon the use of ABCs by students when logging in to their respective courses of study. Participants in the trials indicated a high level of acceptance for the use of ABCs and expressed interest related to the use of the technology for authentication in a variety of other online services including electronic health care portals.
For the current study, an online survey was conducted to measure respondent attitudes towards the use of ABCs for privacy protection related to access control to the Australian PCEHR system. IBM’s SPSS software suite including AMOS was used to perform the statistical analyses for the study, which involved a descriptive analysis, factor analysis, multiple linear regression analysis and structural equation modelling.
Findings from the research show clear support for the use of Attribute-Based Credentials for authentication, authorisation and access control concerning the use of the Australian PCEHR system. The findings also show that concerns related to identity theft and unauthorised access were the most significant inhibiting factors regarding the use of PCEHR. Trust in health care practitioners was shown to be the most influential factor towards the use of PCEHR. Furthermore, the wish for anonymity was a key factor in determining the use of ABCs and it was found that as patients’ trust in their health care providers increases so too does their wish to remain anonymous as does the likelihood that they will support the use of ABCs in PCEHR.